<!DOCTYPE html>
<html>
  <head>
    <meta charset="UTF-8" />
    <title>OCP Certificate Expiry Report</title>
    {# For fancy icons and a pleasing font #}
    <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css" />
    <link href="https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,700" rel="stylesheet" />
    <style type="text/css">
      body {
      font-family: 'Source Sans Pro', sans-serif;
      margin-left: 50px;
      margin-right: 50px;
      margin-bottom: 20px;
      padding-top: 70px;
      }
      table {
      border-collapse: collapse;
      margin-bottom: 20px;
      }
      table, th, td {
      border: 1px solid black;
      }
      th, td {
      padding: 5px;
      }
      .cert-kind {
      margin-top: 5px;
      margin-bottom: 5px;
      }
      footer {
      font-size: small;
      text-align: center;
      }
      tr.odd {
      background-color: #f2f2f2;
      }
    </style>
  </head>
  <body>
    <nav class="navbar navbar-default navbar-fixed-top">
      <div class="container-fluid">
        <div class="navbar-header">
          <a class="navbar-brand" href="#">OCP Certificate Expiry Report</a>
        </div>
        <div class="collapse navbar-collapse">
          <p class="navbar-text navbar-right">
	    <button>
	      <a href="https://docs.openshift.com/container-platform/latest/install_config/redeploying_certificates.html"
		 target="_blank"
		 class="navbar-link">
		 <i class="glyphicon glyphicon-book"></i> Redeploying Certificates
	      </a>
	    </button>
	    <button>
	      <a href="https://github.com/openshift/openshift-ansible/tree/master/roles/openshift_certificate_expiry"
		 target="_blank"
		 class="navbar-link">
		 <i class="glyphicon glyphicon-book"></i> Expiry Role Documentation
	      </a>
	    </button>
	  </p>
        </div>
      </div>
    </nav>

    {# Each host has a header and table to itself #}
    {% for host in ansible_play_hosts %}
      <h1>{{ host }}</h1>

      <p>
        {{ hostvars[host].check_results.msg }}
      </p>
      <ul>
        <li><b>Expirations checked at:</b> {{ hostvars[host].check_results.check_results.meta.checked_at_time }}</li>
        <li><b>Warn after date:</b> {{ hostvars[host].check_results.check_results.meta.warn_before_date }}</li>
      </ul>

      <table border="1" width="100%">
        {# These are hard-coded right now, but should be grabbed dynamically from the registered results #}
        {%- for kind in ['ocp_certs', 'etcd', 'kubeconfigs', 'router', 'registry'] -%}
          <tr>
            <th colspan="7" style="text-align:center"><h2 class="cert-kind">{{ kind }}</h2></th>
          </tr>

          <tr>
            <th>&nbsp;</th>
            <th style="width:33%">Certificate Common/Alt Name(s)</th>
	    <td>Serial</th>
            <th>Health</th>
            <th>Days Remaining</th>
            <th>Expiration Date</th>
            <th>Path</th>
          </tr>

          {# A row for each certificate examined #}
          {%- for v in hostvars[host].check_results.check_results[kind] -%}

            {# Let's add some flair and show status visually with fancy icons #}
            {% if v.health == 'ok' %}
              {% set health_icon = 'glyphicon glyphicon-ok' %}
            {% elif v.health == 'warning' %}
              {% set health_icon = 'glyphicon glyphicon-alert' %}
            {% else %}
              {% set health_icon = 'glyphicon glyphicon-remove' %}
            {% endif %}

            <tr class="{{ loop.cycle('odd', 'even') }}">
              <td style="text-align:center"><i class="{{ health_icon }}"></i></td>
              <td style="width:33%">{{ v.cert_cn }}</td>
	      <td><code>int({{ v.serial }})/hex({{ v.serial_hex }})</code></td>
              <td>{{ v.health }}</td>
              <td>{{ v.days_remaining }}</td>
              <td>{{ v.expiry }}</td>
              <td>{{ v.path }}</td>
            </tr>
          {% endfor %}
          {# end row generation per cert of this type #}
        {% endfor %}
        {# end generation for each kind of cert block #}
      </table>
      <hr />
    {% endfor %}
    {# end section generation for each host #}

    <footer>
      <p>
        Expiration report generated by
        the <a href="https://github.com/openshift/openshift-ansible"
        target="_blank">openshift-ansible</a>
	<a href="https://github.com/openshift/openshift-ansible/tree/master/roles/openshift_certificate_expiry"
	   target="_blank">certificate expiry</a> role.
      </p>
      <p>
        Status icons from bootstrap/glyphicon
      </p>
    </footer>
  </body>
</html>
